Docs

createSamlConnection()

Creates a new SamlConnection.

function createSamlConnection(params: CreateSamlConnectionParams): Promise<SamlConnection>

CreateSamlConnectionParams

  • Name
    name
    Type
    string
    Description

    The name to use as a label for this SAML Connection.

  • Name
    provider
    Type
    'saml_custom' | 'saml_okta' | 'saml_google' | 'saml_microsoft'
    Description

    The Identity Provider (IdP) provider of the connection.

  • Name
    domain
    Type
    string
    Description

    The domain of your organization. Sign in flows using an email with this domain will use this SAML Connection. For example: 'clerk.dev'

  • Name
    organizationId?
    Type
    string
    Description

    The ID of the organization to which users of this SAML Connection will be added

  • Name
    idpEntityId?
    Type
    string
    Description

    The Entity ID as provided by the Identity Provider (IdP).

  • Name
    idpSsoUrl?
    Type
    string
    Description

    The Single-Sign On URL as provided by the Identity Provider (IdP).

  • Name
    idpCertificate?
    Type
    string
    Description

    The X.509 certificate as provided by the Identity Provider (IdP).

  • Name
    idpMetadataUrl?
    Type
    string
    Description

    The URL which serves the Identity Provider (IdP) metadata. If present, it takes priority over the corresponding individual properties.

  • Name
    idpMetadata?
    Type
    string
    Description

    The XML content of the Identity Provider (IdP) metadata file. If present, it takes priority over the corresponding individual properties.

  • Name
    attributeMapping?
    Type
    { emailAddress?: string, firstName?: string, lastName?: string, userId?: string }
    Description

    The attribute mapping for the SAML connection.

Example

const response = await clerkClient.samlConnections.createSamlConnection({
  name: 'test-okta',
  provider: 'saml_okta',
  domain: 'clerk.dev',
  idpMetadataUrl: 'https://trial-000000.okta.com/app/exk...',
  attributeMapping: {
    emailAddress: 'user.email',
    firstName: 'user.firstName',
    lastName: 'user.lastName',
  },
})

console.log(response)
/*
{
  object: 'saml_connection',
  id: 'samlc_123',
  name: 'test-okta',
  domain: 'clerk.dev',
  idp_entity_id: 'http://www.okta.com/exk...',
  idp_sso_url: 'https://trial-000000.okta.com/app/trial-000000_clerkdocstest_1/exk.../sso/saml',
  idp_certificate: 'MII...',
  idp_metadata_url: 'https://trial-000000.okta.com/app/exk.../sso/saml/metadata',
  idp_metadata: null,
  acs_url: 'https://prepared-phoenix-00.clerk.accounts.dev/v1/saml/acs/samlc_123',
  sp_entity_id: 'https://prepared-phoenix-00.clerk.accounts.dev/saml/samlc_123',
  sp_metadata_url: 'https://prepared-phoenix-00.clerk.accounts.dev/v1/saml/metadata/samlc_123.xml',
  attribute_mapping: { user_id: '', email_address: '', first_name: '', last_name: '' },
  active: false,
  provider: 'saml_okta',
  user_count: 0,
  sync_user_attributes: true,
  allow_subdomains: false,
  allow_idp_initiated: false,
  created_at: 1720032705432,
  updated_at: 1720032705432
}
*/

Backend API (BAPI) endpoint

This method in the SDK is a wrapper around the BAPI endpoint POST/saml_connections. See the BAPI reference for more information.

Feedback

What did you think of this content?
Edit this page on GitHub

Last updated on